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DETAILED ACTION 

This action is in response to the papers filed 2/26/2007. Claims 1-20 were 
received for consideration. 

Applicant's arguments have been considered but are moot in view of the new 
ground(s) of rejection. 

Claim Rejections - 35 USC § 102 
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except ttiat an international application filed under the treaty defined in section 
351 (a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

Claim 1-7, 9, 10, 12-16, 19 and 20 are rejected under 35 U.S.C. 102(e) as being 
anticipated by Fox et al (U.S. 6,535,227). Fox teaches everything with respect to claim 
1, a security indication spanning tree method comprising: determining asset value of a 
network node (see abstract and column 3 lines 34-59); ascertaining exposure rating of 
said network node (see abstract and column 3 lines 34-59); establishing a functional 
priority risk indicator for indicating the likelihood of an attack from another network node 
(see abstract and column 3 lines 34-59); and creating a spanning tree schematic of a 
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network including said network node, wherein said spanning tree schematic includes an 
indication of said asset value (see abstract and figure 7, 9 and 10). 

With respect to claim 2, wherein said spanning tree schematic includes an 
indication of said exposure rating (see abstract and figure 7, 9 and 10). 

With respect to claim 3, wherein said spanning tree schematic includes an 
indication of said attack risk (see column 1 lines 31-58). 

With respect to claim 4, wherein said asset value provides an indication of an 
economic value of functions provided by said network node (see column 1 lines 31-58). 

With respect to claim 5, said asset value corresponds to an economic impact of a 
disruption to functionality provided by said network node (see column 1 lines 31-58). 

With respect to claim 6, a security indication spanning tree method of claim 1 
wherein said exposure rating defines a threshold value corresponding to connectivity of 
the network node with other network nodes (see abstract and figure 7, 9 and 10 and 
column 9 line 20-25). 

With respect to claim 7, wherein said network node is given an exposure rating 
value based upon a connectivity distance from a root node (see column 9 lines 20-25). 

With respect to claim 8, wherein said root node is a node closest to an external 
network (see figure 1). 

With respect to claim 9, wherein said functional priority risk indicator is 
associated with an economic benefit and utility of functionality said network node 
provides (see column 1 lines 31-58). 
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With respect to claim 10, a security indication spanning tree system comprising: 
a bus for communicating information; a processor coupled to said bus (see column 5 
lines 35 -51 it is inherent that a computer has a processor), said processor for 
processing said information including instructions for building an attack impact 
susceptibility spanning tree representation including asset value factors (see column 5 
lines 35 -51 ); and a memory coupled to said bus, said memory for storing said 
information (see column 5 lines 35 -51 it is inherent that a computer has a memory), 
including instructions for building said attack impact susceptibility spanning tree 
representation including said asset value factors (see abstract, figure 7, 9 and 10 and 
column 3 lines 34-59). 

With respect to claim 1 1 , wherein said asset risk value is automatically 
determined (see column 5 lines 35 -51). 

With respect to claim 12, further comprising a central console for interfacing with 
a network application management platform (see Abstract and column 5 lines 35 -51). 

With respect to claim 13, wherein said instructions include attack spread risk 
determination instructions (see column 1 lines 31-58). 

With respect to claim 14, wherein said instructions include exposure rating 
determination directions (see figure 3 and column 5 lines 35 - column 6 lines 51 and 
column 7 line 28 - column 8 line 6). 

With respect to claim 15, a computer usable storage medium having computer 
readable program code embodied therein for causing a computer system to implement 
security indication spanning tree instructions comprising: a device examination module 
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for examining information regarding devices included in a centralized resource network, 
wherein said examining includes ascertaining what applications said devices support; 
an Importance indication module for obtaining an indication of a relative importance of 
functionality provided by said device (see column 5 lines 35 -51 and column 7 line 28 - 
column 8 line 6); and a spanning tree module for building a spanning tree topology 
representation including said indication of said relative importance of said device in 
supporting said applications (see abstract, figure 7, 9 and 10 and column 3 lines 34-59). 

With respect to claim 16, herein said relative importance of said device is based 
upon an economic value of functions said devices performs in support of said 
applications (see column 1 lines 31-58). 

With respect to claim 19, further comprising an attack danger assessment 
module for assessing the danger of an attack from other devices included in said 
network (see column 1 lines 31-58). 

With respect to claim 20, further comprising: deriving an attack danger indication 
based upon said indication of said relative importance of said device and said 
connectivity threshold value; and associating said attack danger indication with said 
device (see column 1 lines 31-58). 

Claim Rejections - 35 USC § 103 
The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
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invention was made to a person having ordinary sk\\\ in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Claims 17 and 18 are rejected under 35 U.S.C. 103(a) as being unpatentable 

over Fox et al (U.S. 6,535,227) in view of Burrows et a! (U.S. 2002/0073338). Fox 

teaches everything with respect to claim 15 but with respect to claim 17 Fox does not 

teach further comprising an internal attack permeability module for investigating the 

permeability of a network in permitting an internal attack on a device from other devices 

included in the network. 1 7. Burrows an internal attack permeability module for 

investigating the permeability of a network in permitting an internal attack on a device 

from other devices included in the network (see Borrows paragraph 0040-0041). It 

would have been obvious to one of ordinary skill in the art at the time the invention was 

made to modify the method of Fox with the method of Burrows to diffuse attack from a 

first component to a second component in the network in order to mitigate the effects of 

undesirable behavior on the network, as taught by Burrows (see Burrows paragraph 

0028]). 

With respect to claim 18 wherein said investigating includes: analyzing the ease 
of attack on said device from other devices in said centralized resource network; and 
assigning an connectivity threshold value to said device based upon said analysis of 
said ease of attack (see Borrows paragraph 0040-0041 ). 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Devin Almeida whose telephone number is 571-270- 
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1018. The examiner can normally be reached on Monday-Thursday from 7:30 A.M. to 
5:00 P.M. The examiner can also be reached on alternate Fridays from 7:30 A.M. to 
4:00 P.M. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron, can be reached on 571-272-3799. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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Patent Examiner 
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